I'm using nmap to scan for SSH enabled servers. This is what nmap outputs from the scan:
SSH disabled server example:
Nmap scan report for 70.0.0.109.rev.sfr.net (109.0.0.70)
Host is up (0.15s latency).
PORT STATE SERVICE
22/tcp closed ssh
SSH Enabled server example:
Nmap scan report for 255.0.0.109.rev.sfr.net (109.0.0.255)
Host is up (0.12s latency).
PORT STATE SERVICE
22/tcp filtered ssh
I want to use grep to export all of the SSH enabled servers into a file. The file will only contain the IP addresses of the SSH enabled servers.
For example:
1.1.1.1
2.2.2.2
3.3.3.3
4.4.4.4
5.5.5.5
I couldn't find the grep command that will do this. I just need to export the SSH enabled IP addresses to a file using grep (or any other Linux command for that matter). Thanks, all help is appreciated. (By the way, I'm reading this nmap scan from a file)
First, you probably want to spend some time with the nmap
man page, which will show you useful options like the -oG
option, which produces "greppable output". For example, when run on my home network, like this:
$ nmap -p 22 -oG - 192.168.1.0/24
I get output like this:
Host: 192.168.1.1 (gw.house) Status: Up
Host: 192.168.1.1 (gw.house) Ports: 22/closed/tcp//ssh///
Host: 192.168.1.3 () Status: Up
Host: 192.168.1.3 () Ports: 22/closed/tcp//ssh///
Host: 192.168.1.20 (fileserver.house) Status: Up
Host: 192.168.1.20 (fileserver.house) Ports: 22/open/tcp//ssh///
Host: 192.168.1.29 () Status: Up
Host: 192.168.1.29 () Ports: 22/closed/tcp//ssh///
Host: 192.168.1.52 (laptop.house) Status: Up
Host: 192.168.1.52 (laptop.house) Ports: 22/open/tcp//ssh///
If I want a list of ip addresses with port 22 open, I can just run:
$ nmap -p 22 -oG - 192.168.1.24 | grep 22/open
Which would get me:
Host: 192.168.1.20 (arcadia.house) Ports: 22/open/tcp//ssh///
Host: 192.168.1.52 (lkellogg-pk115wp.house) Ports: 22/open/tcp//ssh///
And if I wanted just the ip address, I would use awk
:
$ nmap -p 22 -oG - 192.168.1.24 | awk '/22\/open/ {print $2}'
Which would get me:
192.168.1.20
192.168.1.52
...which is I think what you are looking for.